Representation of the binary Classic McEliece matrix H, with H = (I_mt | T). More...

#include <cmce_matrix.h>

Public Member Functions
constexpr void	_const_time_unpoison () const

const std::vector< uint8_t > &	bytes () const
	The bytes of the submatrix T, with H=(I_mt, T) as defined in Classic McEliece ISO Section 9.2.7.

	Classic_McEliece_Matrix (const Classic_McEliece_Parameters &params, std::vector< uint8_t > mat_bytes)
	Create a Classic_McEliece_Matrix from bytes.

CmceCodeWord	mul (const Classic_McEliece_Parameters &params, const CmceErrorVector &e) const
	Multiply the Classic McEliece matrix H with a bitvector e.

Static Public Member Functions
static std::optional< std::pair< Classic_McEliece_Matrix, CmceColumnSelection > >	create_matrix (const Classic_McEliece_Parameters &params, const Classic_McEliece_Field_Ordering &field_ordering, const Classic_McEliece_Minimal_Polynomial &g)
	Create the matrix H for a Classic McEliece instance given its parameters, field ordering and minimal polynomial.

static std::optional< std::pair< Classic_McEliece_Matrix, CmceColumnSelection > >	create_matrix_and_apply_pivots (const Classic_McEliece_Parameters &params, Classic_McEliece_Field_Ordering &field_ordering, const Classic_McEliece_Minimal_Polynomial &g)
	Create the matrix H for a Classic McEliece instance given its parameters, field ordering and minimal polynomial.

Detailed Description

Representation of the binary Classic McEliece matrix H, with H = (I_mt | T).

Only the bytes of the submatrix T are stored.

Definition at line 26 of file cmce_matrix.h.

Constructor & Destructor Documentation

◆ Classic_McEliece_Matrix()

Botan::Classic_McEliece_Matrix::Classic_McEliece_Matrix	(	const Classic_McEliece_Parameters &	params,
		std::vector< uint8_t >	mat_bytes )

inline

Create a Classic_McEliece_Matrix from bytes.

Parameters

mat_bytes The bytes of the submatrix T as defined in Classic McEliece ISO Section 9.2.7.

Definition at line 84 of file cmce_matrix.h.

                                                                                                       :
            m_mat_bytes(std::move(mat_bytes)) {
         BOTAN_ARG_CHECK(m_mat_bytes.size() == params.pk_size_bytes(), "Invalid byte size for matrix");
         if(params.pk_no_cols() % 8 == 0) {
            return;
         }
         // Check padding of mat_bytes rows
         BOTAN_ASSERT_NOMSG(m_mat_bytes.size() == params.pk_no_rows() * params.pk_row_size_bytes());
         for(size_t row = 0; row < params.pk_no_rows(); ++row) {
            uint8_t padded_byte = m_mat_bytes[(row + 1) * params.pk_row_size_bytes() - 1];
            CT::unpoison(padded_byte);
            BOTAN_ARG_CHECK(padded_byte >> (params.pk_no_cols() % 8) == 0, "Valid padding of unused bytes");
         }
      }

References BOTAN_ARG_CHECK, BOTAN_ASSERT_NOMSG, Botan::Classic_McEliece_Parameters::pk_no_cols(), Botan::Classic_McEliece_Parameters::pk_no_rows(), Botan::Classic_McEliece_Parameters::pk_row_size_bytes(), and Botan::Classic_McEliece_Parameters::pk_size_bytes().

Referenced by create_matrix().

Member Function Documentation

◆ _const_time_unpoison()

void Botan::Classic_McEliece_Matrix::_const_time_unpoison ( ) const

inlineconstexpr

Definition at line 108 of file cmce_matrix.h.

108{ CT::unpoison(m_mat_bytes); }

◆ bytes()

const std::vector< uint8_t > & Botan::Classic_McEliece_Matrix::bytes ( ) const

inline

The bytes of the submatrix T, with H=(I_mt, T) as defined in Classic McEliece ISO Section 9.2.7.

Returns: The matrix bytes

Definition at line 77 of file cmce_matrix.h.

77{ return m_mat_bytes; }

◆ create_matrix()

std::optional< std::pair< Classic_McEliece_Matrix, CmceColumnSelection > > Botan::Classic_McEliece_Matrix::create_matrix	(	const Classic_McEliece_Parameters &	params,
		const Classic_McEliece_Field_Ordering &	field_ordering,
		const Classic_McEliece_Minimal_Polynomial &	g )

static

Create the matrix H for a Classic McEliece instance given its parameters, field ordering and minimal polynomial.

Output is a pair of the matrix and the pivot vector c that was used to create it in the semi-systematic form as described in Classic McEliece ISO Section 9.2.11.

The update of alpha values as per Classic McEliece ISO Section 7.2.3 Step 5 is not performed by this method because it is only used for public key loading where the values are already permuted and field_ordering cannot be altered.

Parameters

params	Classic McEliece parameters
field_ordering	Field ordering
g	Minimal polynomial

Returns: Pair(the matrix H, pivot vector c)

Definition at line 243 of file cmce_matrix.cpp.

                                                 {
   auto mat = init_matrix_with_alphas(params, field_ordering, g);
   auto pivots = apply_gauss(params, mat);
 
   auto gauss_failed = !pivots.has_value();
   CT::unpoison(gauss_failed);
   if(gauss_failed) {
      return std::nullopt;
   }
 
   auto pk_mat_bytes = extract_pk_bytes_from_matrix(params, mat);
   return std::make_pair(Classic_McEliece_Matrix(params, std::move(pk_mat_bytes)), pivots.value());
}

References Classic_McEliece_Matrix(), and Botan::CT::unpoison().

Referenced by Botan::Classic_McEliece_PublicKeyInternal::create_from_private_key(), and create_matrix_and_apply_pivots().

◆ create_matrix_and_apply_pivots()

std::optional< std::pair< Classic_McEliece_Matrix, CmceColumnSelection > > Botan::Classic_McEliece_Matrix::create_matrix_and_apply_pivots	(	const Classic_McEliece_Parameters &	params,
		Classic_McEliece_Field_Ordering &	field_ordering,
		const Classic_McEliece_Minimal_Polynomial &	g )

static

Create the matrix H for a Classic McEliece instance given its parameters, field ordering and minimal polynomial.

Output is a pair of the matrix and the pivot vector c that was used to create it in the semi-systematic form as described in Classic McEliece ISO Section 9.2.11.

This method directly updates the field ordering values as described in Classic McEliece ISO Section 7.2.3 Step 5 (for f parameter sets).

Parameters

params	Classic McEliece parameters
field_ordering	Field ordering (will be updated)
g	Minimal polynomial

Returns: Pair(the matrix H, pivot vector c)

Definition at line 261 of file cmce_matrix.cpp.

                                                                                                      {
   auto pk_matrix_and_pivots = create_matrix(params, field_ordering, g);
 
   bool matrix_creation_failed = !pk_matrix_and_pivots.has_value();
   CT::unpoison(matrix_creation_failed);
   if(matrix_creation_failed) {
      return std::nullopt;
   }
 
   auto& [_, pivots] = pk_matrix_and_pivots.value();
 
   if(params.is_f()) {
      field_ordering.permute_with_pivots(params, pivots);
   }
 
   return pk_matrix_and_pivots;
}

References create_matrix(), Botan::Classic_McEliece_Parameters::is_f(), Botan::Classic_McEliece_Field_Ordering::permute_with_pivots(), and Botan::CT::unpoison().

◆ mul()

CmceCodeWord Botan::Classic_McEliece_Matrix::mul	(	const Classic_McEliece_Parameters &	params,
		const CmceErrorVector &	e ) const

Multiply the Classic McEliece matrix H with a bitvector e.

Parameters

params	Classic McEliece parameters
e	The bitvector e

Returns: H*e

Definition at line 281 of file cmce_matrix.cpp.

                                                                                                                   {
   auto s = e.subvector<CmceCodeWord>(0, params.pk_no_rows());
   auto e_T = e.subvector(params.pk_no_rows());
   auto pk_slicer = BufferSlicer(m_mat_bytes);
 
   for(size_t i = 0; i < params.pk_no_rows(); ++i) {
      auto pk_current_bytes = pk_slicer.take(params.pk_row_size_bytes());
      auto row = secure_bitvector(pk_current_bytes, params.n() - params.pk_no_rows());
      row &= e_T;
      s[i] ^= row.has_odd_hamming_weight().as_bool();
   }
 
   BOTAN_ASSERT_NOMSG(pk_slicer.empty());
   return s;
}

References BOTAN_ASSERT_NOMSG, Botan::Classic_McEliece_Parameters::n(), Botan::Classic_McEliece_Parameters::pk_no_rows(), Botan::Classic_McEliece_Parameters::pk_row_size_bytes(), and Botan::detail::Strong_Adapter< T >::subvector().

The documentation for this class was generated from the following files:

src/lib/pubkey/classic_mceliece/cmce_matrix.h
src/lib/pubkey/classic_mceliece/cmce_matrix.cpp

Public Member Functions

Static Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ Classic_McEliece_Matrix()

Member Function Documentation

◆ _const_time_unpoison()

◆ bytes()

◆ create_matrix()

◆ create_matrix_and_apply_pivots()

◆ mul()